421bf81dcbef31da449ae3ce4a01a03f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421bf81dcbef31da449ae3ce4a01a03f_JaffaCakes118
Size

12KB
MD5

421bf81dcbef31da449ae3ce4a01a03f
SHA1

4d9551edb3c519e4501ea62f481ce4e125430193
SHA256

79f8e0f32b06fa8e6a6163a75af4ec8d7a4ed5567e74d015ac8bb59caee52d19
SHA512

ad142e2d077d6594f695796d590be259905fa47c0646a00473d3e9b6955ed58f5a3599b1f98c70794a45c285fd3e8113475b1efce3821d6845a0dbf84f7d0206
SSDEEP

192:n3PIBIMFfRS+zUyxArHFReVWiGomse1pNvihR0SXOViyf6XxwGzVnEXk:3PIhFfRpDxUHeVWiGhpNvG0hiyf6X+2j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421bf81dcbef31da449ae3ce4a01a03f_JaffaCakes118

Files

421bf81dcbef31da449ae3ce4a01a03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

493fadfe59ec1ccb667d3415d5357692

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LoadLibraryA
lstrlenA
GetCurrentProcess
GetProcAddress
lstrcmpiA
CloseHandle

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 358B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE